From owner-freebsd-hackers  Mon Oct 23 19:05:10 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id TAA20128
          for hackers-outgoing; Mon, 23 Oct 1995 19:05:10 -0700
Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6])
          by freefall.freebsd.org (8.6.12/8.6.6) with SMTP id TAA20103
          for <freebsd-hackers@freebsd.org>; Mon, 23 Oct 1995 19:04:59 -0700
Received: by sequent.kiae.su id AA17468
  (5.65.kiae-2 ); Tue, 24 Oct 1995 06:00:53 +0400
Received: by sequent.KIAE.su (UUMAIL/2.0); Tue, 24 Oct 95 06:00:52 +0300
Received: (from ache@localhost) by ache.dialup.demos.ru (8.6.11/8.6.9) id FAA00560; Tue, 24 Oct 1995 05:00:23 +0300
To: davidg@Root.COM, Nate Williams <nate@rocky.sri.mt.net>
Cc: ache@freefall.freebsd.org, freebsd-hackers@freebsd.org,
        John Polstra <jdp@polstra.com>
References: <199510240141.SAA00275@corbin.Root.COM>
    <FaLS4ZmKU1@ache.dialup.demos.ru>
In-Reply-To: <FaLS4ZmKU1@ache.dialup.demos.ru>;
    from =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=
    at Tue, 24 Oct 1995 04:53:25 +0300 (MSK)
Message-Id: <EasY4ZmaY2@ache.dialup.demos.ru>
Organization: Olahm Ha-Yetzirah
Date: Tue, 24 Oct 1995 05:00:22 +0300 (MSK)
X-Mailer: Mail/@ [v2.40 FreeBSD]
From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=
    (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su>
X-Class: Fast
Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs
Lines: 23
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Length: 1122
Sender: owner-hackers@freebsd.org
Precedence: bulk

In message <FaLS4ZmKU1@ache.dialup.demos.ru>
    =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= writes:

>In message <199510240141.SAA00275@corbin.Root.COM> David Greenman
>    writes:

>>   Any shell script which is suseptible to a security hole because a command
>>failed to execute is broken. There are many reasons why things can fail
>>ranging from no diskspace available to who knows what. I think Andrey's hack
>>is an attempt to dam a river with a piece of tissue paper. The real problem

>If we try to plug all potential holes that we find, even small ones,
>probability of security violation becomes reduced. I don't plan to dam whole
>river, just plug in small leak reducing leaks number at whole.

BTW, why you stuck on "shell scripts" only? The same hole can hits
when commands entered by hand, see my example.

-- 
Andrey A. Chernov        : And I rest so composedly,  /Now, in my bed,
ache@astral.msk.su       : That any beholder  /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me,  /Thinking me dead.
RELCOM Team,FreeBSD Team :         E.A.Poe         From "For Annie" 1849